[dpm]

Also,
O4 - HKCU\..\Run: [Cghpzsyz] C:\WINDOWS\System32\puw.exe
and
O4 - HKCU\..\Run: [Aida] C:\Documents and Settings\Dawg\Application Data\ttuh.exe

look suspicious. Do you know if either of them are legitimate programmes?

Further,
O16 - DPF: {DBA230D1-8467-4e69-987E-5FAE815A3B45} (Personal System Administrator Control) - http://206.65.172.231/check/netset/...ll/gtdowngc.cab
and
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - http://www.mt-download.com/MediaTicketsInstaller.cab
look like spyware / browser hijackers to me. Do the programme names mean anything to you?